For example: Opponents of the Linux-based
DVD playing program called
“DeCSS”
won a court case and then tried to
eliminate the program
from the net. So
clever hackers
wrote another
“DeCSS,”
a mostly worthless program that had nothing to do with
DVD technology, and spread it
online far-and-wide to make it difficult to find the contraband version.

Another group encrypted the original
DeCSS source code by
splitting it up and cryptographically embedding it in the image encoding of
a picture of a cow
— and then set up a service that attached alternate halves of this image to
comments emailed to the U.S.
Copyright Office. These comments became part of the public record, thereby
enabling anyone with the encryption key to view the
DeCSS source code. The
DeCSS opponents would
have to break the encryption to see that the
“illegal” code had been distributed, though,
and their own legal argument was that this sort of encryption
reverse-engineering is illegal copyright infringement, so although they’d
rather squelch the distribution, they’re in a bit of a bind.

Creative thoughtcriminals have also represented the
DeCSS algorithm printed
on the front of a T-shirt, discovered in the digits of a prime number, as a
43,016 base pair DNA
sequence, recorded as a spoken prose-poem, and sung lyrically, among many
other possible renditions. The idea being that at least one of
these is likely to fall under the alleged free-speech protection of the
U.S. Constitution (or alternately,
that we can all be amused as Congress makes the publication of a prime
number illegal). David S. Touretzky’s
Gallery of CSS Descramblers
keeps a running tab on these methods.

The artists’ group
etoy
had been on-line with their web site for two years before the
eToys
company was formed with an on-line toy store. Still, eToys felt it was
within their rights to shut down the etoy site for infringing on their
brand new brand name — they sued and won a temporary injunction.

Network Solutions, the company that supervises the assignment and
maintenance of domain names (like
“etoy.com”) was just getting
started in the rolling-over to corporate interests business, but they got
the hang of it quick. They shut down the etoy.com domain.

This infuriated on-line activists, like
John Perry Barlow
of the
Electronic Freedom Foundation,
who were horrified by the idea that a corporation could form in the
U.S., adopt a trademark, and then
use that to steal the site of a previously established Swiss group with a
similar name.

Rather than attack in the courts or the arbitration system of Network
Solutions, both of which are hopelessly biased in favor of business
interests — friends of etoy went on the offensive
in their own way
— launching what they called TOYWAR:

“TOYWAR worked like a swarm of bees. hundreds of
well-informed people and media experts contested the aggressor on every
level… result: within 2 months the eToys
Inc. stock
(NASDAQ:
ETYS) dropped from $67 (the day the
battle started) to $15 (the day eToys Inc. finally dropped the case).
TOYWAR was the most expensive performance in art history: $4.5 billion in
damage!”

Most cyberterrorist stories are
ignorant scaremongering,
but Jim Bell invented an interesting theoretical protocol by which a widely
distributed group of people could conspire, more-or-less out in the open, to
put out a contract on the life of the President of the United States or some
other such figure, and get away with it.

One of ®TMark’s parody sites,
World Trade Organization / GATT,
so smoothly parodied the real WTO site that the organizers of the Conference
on International Services in Salzburg, Austria
mistakenly invited
a hacktivist from the site to speak at the session on international trade.
Hilarious hijinks ensued, naturally, as the speaker — “Dr.
Bichlbauer” — modestly proposed what the rest of the WTO more
immodestly insists (“The essential
thrust of his speech appeared to be that Italians have a lesser work ethic
than the Dutch, that Americans would be better off
auctioning their votes
in the Presidential election to the highest bidder, and that the primary
role of the WTO was to create a one-world culture,” one
worried conferencee wrote).

The same group, or a similar one anyway, was mistakenly invited to send a
speaker to an international textiles conference. They sent
Hank Hardy Unruh.
“Hank
argued
that the U.S. Civil War (in which slavery became illegal) was
a useless waste of time and resources, because slavery (imported labor)
would have eventually been replaced by the much cheaper system of remote
labor — like we have in sweatshops today.”

In 1986, a fellow going under the name
Captain Midnight
took over the HBO network’s satellite signal and used it
to broadcast his own message.

A couple of years earlier, the outlawed independent Polish labor union
Solidarity figured out how to break into the official government nightly
television news broadcasts. According to one account:

Soon after the seven o’clock television news began, a printed legend,
“Solidarity lives,” flashed quickly but
legibly over the head of the announcer. After a short interval another
message appeared saying, “Listen to Radio Solidarity in
half an hour” and giving the frequency that would be used
for the broadcast.

The way some search engines work is this: if they find that a word or
phrase, such as “hacktivism” is linked to a
page like this one, they assume that someone has categorized this page as a
“hacktivism” page, so if you enter that
word in the search engine, it’ll list this page as being one that may very
well be the one you’re looking for.

Makes sense, but when
HugeDisk
linked the phrase “dumb motherfucker” to
the George W. Bush Online Store, that’s what unlikely seekers of
“dumb motherfucker” were shown as
Google’s best guess
of what they were after.

The on-line bookstore Amazon was hacked in a similar way when their
recommendation system suggested that purchasers of evangelist Pat
Robertson’s Six Steps to Spiritual Revival might very well
also be interested in
The Ultimate Guide to Anal Sex.

There’s some
incipient
guerrilla webfare that involves flooding websites with spurious requests
for data — the tactics and countermeasures are a virtual arms race that’s
interesting to watch.
See, for example, the
electrohippies.

And a 14-year-old guerrilla geek from Israel penetrated and wiped out
an Iraqi government web site by impersonating a Palestinian bent on doing
the same damage to Israeli sites.

More recently, hackers on
both sides
of the Israel / Palestinian conflict have been hacking one anothers’ web
sites and engaging in other such hacktivist attacks. 2003 saw the
Yaha worm
enlisted to serve India in its battle against Pakistan.

Not to be outdone by freelancers, the government of Indonesia organized
“lightning simultaneous
attacks
from countries as far apart as Australia, Japan, Holland and the United
States” on computers in Ireland that were supporting the
then-virtual country of East Timor.

To trip up the spambots scanning the web for email addresses, some bright
CGI artist came up with
a page that contains randomly-generated email addresses and a number of
links that point back to the same page. Address-harvesting robots get
caught in an endless labyrinth of pages.
Here’s a good example.
(More
anti-spam resources can be found at
this page)

The use of memetic warfare — crafting self-perpetuating propaganda viruses
— is emerging as an artform with thusfar mostly unharnessed
potential.

Bruce Schneier, chief technologist for Counterpane Internet Security, calls
these sorts of things the third wave of network attacks. The first wave
was attacks against the computers and wiring themselves, the second wave
was attacks against vulnerabilities in the software and network protocols,
the third wave (“much more serious and harder to defend
against”) “comprises semantic attacks:
attacks that target the way we, as humans, assign meaning to
content.”

One possible example of this sort of thing was
The Deadly AOL.EXE Virus of 2001
— a joke perpetrated by Ray Owens on his Joke A Day site that
took on a life of its own. The joke, in the form of those mosquito-like
“email virus” urban legends, urged readers
to delete a file called “AOL.EXE” from
their machine or risk triggering a virus that would mess up their machine
and sap their intellect. Predictably, the joke morphed into the form it
was parodying, and was forwarded to the inboxes of AOL subscribers, some of
whom did delete the file and found themselves no longer able to
get on-line.